Under linux you run out of system Entropy when trying to generate GPG keys unless you use /dev/urandom. Under windows, you get the speed of /dev/urandom without any tweaks. Does windows have that much extra entropy, or are the keys just less secure?

1 Answer
1

I would say it mostly depends on the entropy pool and how entropy is collected.

I found this:

Microsoft Windows releases newer than 95A feature the CryptoAPI (CAPI)
API that gathers entropy in a similar fashion to Linux kernel's
/dev/random.[11] Windows's CryptoAPI uses the binary registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG\Seed to store a
seeded value from all of its entropy sources.[12] Because CryptoAPI is
closed-source, some free and open source software applications running
on the Windows platform use other measures to get randomness. For
example, GnuPG, as of version 1.06, uses a variety of sources such as
the number of free bytes in memory that combined with a random seed
generate the desired randomness it needs.[13] Programmers using CAPI
can get entropy by calling CAPI's CryptGenRandom(), after properly
initialising it